'Tis the season for giving. And anybody visiting Amnesty International's UK website could currently end up with the gift of a keylogger courtesy a Java exploit. Brian Krebs has written about it on his blog: Krebs on Security.

Amnesty's UK site was hacked to include an iframe linking to a Brazilian server, which hosts a CVE-2011-3544 based Java Exploit.

Our browsing protection is now blocking Amnesty's site. We've been blocking the .br site for several days already. We detect, and there's fairly good AV industry coverage on, both the Java exploit and the trojan it drops.